Apple Inc on Monday issued software updates to patch more than two dozen security holes in its OS X operating systems and various Apple software applications. The company also issued a patch to fix security vulnerability in Safari for the Mac (The issue in Windows XP & Vista was fixed earlier). The updates are available through Apple Software Update or directly from Apple Downloads.

Apple has released Security Update 2008-04 for users of Mac OS X 10.4 Tiger, addressing several issues with the operating system. This update is only for Tiger users; Leopard users received this update as part of the 10.5.4 update, also released on Monday.

In Tiger, a fix has been made to the Alias Manager that would allow maliciously crafted volume mount information to arbitrarily execute code or lead to application termination. If a system requires a password to wake from sleep and Exposé hot corners are enabled, it was possible to access the system without the password– this issue has been fixed. A problem has also been fixed that would occur when visiting a maliciously crafted website with “Open Safe Files” enabled in Safari. This problem could lead to a file being opened on the user’s system, resulting in arbitrary code execution. In addition, a memory corruption issue had existed in WebKit’s handling of JavaScript arrays; Apple fixed this problem as well. Issues have also been fixed with VPN, Tomcat, System Configuration and SMB File Server. There are several versions of the update available for PowerPC & Intel based machines.

Apple Inc, on Monday, also released Mac OS X 10.5.4 updates, fixing several issues with iCal, AirPort, Safari, Spaces & Exposé. Here’s a quick list: AirPort has been updated addressing reliability & performance issues with 5GHz networks. iCal received updates fixing seven issues with the application including reliability for meeting requests, cancellation notices, delegation, and syncing with iPhone. Performance issues when loading secure web pages in Safari has been resolved. Spaces & Exposé received a couple of updates, as well. In addition to the fixes, Mac OS X 10.5.4 includes additional RAW image support for several cameras and an issue with saving and reopening Adobe Creative Suite 3 files on a remote server has been fixed.

Apple does not appear to have fixed the rather serious vulnerability in its Apple Remote Desktop program, which allows any program to run on a Mac user’s machine without first prompting the user to enter his or her user name and password.